我正在使用简单的 html 标签来显示来自 imgur.com 的图像:
<img alt="Modern Dashboard Design" src="http://i.imgur.com/yst7lV9.png?1" style="height:550px; width:1024px" />
几天前这还可以,但现在不显示了。图像在 jsfiddle 上显示,但在此页面上不显示:
http://www.ucom.my/p/admin-page-for-website-50
当您查看页面源代码时,您会发现
img
标签。
可能是什么原因?
Content Security Policy: The page’s settings blocked the loading of a resource at http://i.imgur.com/2qEeCDA.png (“default-src http://www.ucom.my”).
Content Security Policy: The page’s settings blocked the loading of a resource at http://i.imgur.com/yst7lV9.png?1 (“default-src http://www.ucom.my”).
Content Security Policy: The page’s settings blocked the loading of a resource at http://i.imgur.com/GAXEkpu.jpg (“default-src http://www.ucom.my”).
Content Security Policy: The page’s settings blocked the loading of a resource at self (“default-src http://www.ucom.my”).
打开 Firebug 控制台时可以看到这一点。
您的
head
中有这个:
<meta http-equiv="Content-Security-Policy" content="default-src 'self'">
这意味着您故意阻止了对 imgur 或其他任何地方的所有请求。改成这样:
<meta http-equiv="Content-Security-Policy" content="default-src 'self'; img-src example.com;">
或者直接将其完全删除。
查看您的浏览器检查器... 它说:
[Error] Refused to load http://i.imgur.com/2qEeCDA.png because it appears in neither the img-src directive nor the default-src directive of the Content Security Policy.
[Error] Refused to apply a stylesheet because its hash, its nonce, or 'unsafe-inline' appears in neither the style-src directive nor the default-src directive of the Content Security Policy. (admin-page-for-website-50, line 87)
[Error] Refused to load http://i.imgur.com/yst7lV9.png?1 because it appears in neither the img-src directive nor the default-src directive of the Content Security Policy.
[Error] Refused to apply a stylesheet because its hash, its nonce, or 'unsafe-inline' appears in neither the style-src directive nor the default-src directive of the Content Security Policy. (admin-page-for-website-50, line 89)
[Error] Refused to load http://i.imgur.com/GAXEkpu.jpg because it appears in neither the img-src directive nor the default-src directive of the Content Security Policy.
<img src="http://i.imgur.com/yst7lV9.png?1" referrerpolicy="no-referrer" alt="dashboard">